Computer Weekly

Virtually all vulnerable open source downloads are avoidable

Open source consumers are downloading about 1.2 billion known vulnerable Java dependencies every month, and whether out of lack of attention, ignorance, stress and overwork or something else, 96% of ...
InfoWorld

Report finds few open source projects actively maintained

Sonatype’s annual software supply chain analysis finds open source project maintenance in decline, while 1 in 8 open source downloads have a known risk. A recent analysis accounting for nearly 1.2 ...
KXAN

Sonatype’s 8th Annual State of the Software Supply Chain Report Finds 96% of Known-Vulnerable Open Source Downloads Are Avoidable

Las Vegas, Oct. 18, 2022 (GLOBE NEWSWIRE) -- Sonatype, the pioneer of software supply chain management, today unveiled its eighth annual State of the Software Supply Chain Report at the DevOps ...